﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;

namespace 登陆练习
{
    public partial class btnsubmit : Form
    {
        public btnsubmit()
        {
            InitializeComponent();
        }

        private void CountError()
        {
            using (SqlConnection conn = new SqlConnection(@"data source=.\SQlexpress;
            AttachDBFilename=|DataDirectory|\loginDB.mdf;Integrated Security=true;User Instance=true"))
            {
                conn.Open();
                using (SqlCommand cmd2 = conn.CreateCommand())
                {
                    cmd2.CommandText = "update T_users set errortimes=errortimes+1 where username=@username";
                    cmd2.Parameters.Add(new SqlParameter("username", txtuser.Text));
                    cmd2.ExecuteNonQuery();
                }
            }    
        }
        private void ResetError()
        {
            using (SqlConnection conn = new SqlConnection(@"data source=.\SQlexpress;
            AttachDBFilename=|DataDirectory|\loginDB.mdf;Integrated Security=true;User Instance=true"))
            {
                conn.Open();
                using (SqlCommand cmd3 = conn.CreateCommand())
                {
                    cmd3.CommandText = "update T_users set errortimes=0 where username=@username";
                    cmd3.Parameters.Add(new SqlParameter("username", txtuser.Text));
                    cmd3.ExecuteNonQuery();
                }
            }
        }
        private void btnlogin_Click(object sender, EventArgs e)
        {
            using (SqlConnection conn = new  SqlConnection(@"data source=.\SQlexpress;
            AttachDBFilename=|DataDirectory|\loginDB.mdf;Integrated Security=true;User Instance=true"))
            {
                conn.Open();
                using (SqlCommand cmd=conn.CreateCommand())
                {
                    cmd.CommandText = "select * from T_users where username=@username";
                    cmd.Parameters.Add(new SqlParameter("username", txtuser.Text));
                    using (SqlDataReader reader= cmd.ExecuteReader())
	                {
                        if (reader.Read())
                        {
                            int ErrorTimes = reader.GetInt32(reader.GetOrdinal("errortimes"));
                            if (ErrorTimes>2)
                            {
                                MessageBox.Show("登陆错误次数过多，禁止登陆！");
                                return;
                            }
                            string dbpwd = reader.GetString(reader.GetOrdinal("password"));
                            if (dbpwd==txtpwd.Text)
                            {
                                 MessageBox.Show("登陆成功");
                                 ResetError();
                            }
                            else
                            {
                                CountError();
                                MessageBox.Show("登陆失败");
                            }
                        }
                        else
                        {
                            MessageBox.Show("用户名不存在");
                            
                        }
	                }       
                }
            }
        }

        private void btnNew_Click(object sender, EventArgs e)
        {
            using (SqlConnection conn = new  SqlConnection(@"data source=.\SQLexpress;
            AttachDBFilename=|DataDirectory|\loginDB.mdf;Integrated Security=true;User Instance=true"))
            {
                conn.Open();
                string user = txtuser.Text;
                string pwd = txtpwd.Text;
                using (SqlCommand cmd4 = conn.CreateCommand())
                {
                    
                    cmd4.CommandText = "insert into T_users (username,password,errortimes)values(@txtuser,@txtpwd,'0')";
                    cmd4.Parameters.Add(new SqlParameter("txtuser", user));
                    cmd4.Parameters.Add(new SqlParameter("txtpwd",pwd));
                    cmd4.ExecuteNonQuery();
                    
                }    
            }
            MessageBox.Show("注册成功");
        }

      
    }
}
